Cussins Enterprises LLC
Technology is a paint brush on the canvas of life.
What can we paint for you?
Cybersecurity News
Awareness of what is happening is the 1st to a secure system.Threat Post
Firewall Bug Under Active Attack Triggers CISA WarningOn August 23, 2022Source: Web Security – ThreatpostBy ThreatpostCategories: Vulnerabilities, Web Security CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.… Read more |
Fake Reservation Links Prey on Weary TravelersOn August 22, 2022Source: Web Security – ThreatpostBy Nate NelsonCategories: Malware, Web Security Fake travel reservations are exacting more pain from the travel weary, already dealing with the mise… Read more |
Google Patches Chrome’s Fifth Zero-Day of the YearOn August 18, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arb… Read more |
Phishers Swim Around 2FA in Coinbase Account HeistsOn August 8, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Web Security Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so the… Read more |
Open Redirect Flaw Snags Amex, Snapchat User DataOn August 5, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Vulnerabilities, Web Security Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among ot… Read more |
Universities Put Email Users at Cyber RiskOn August 2, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Vulnerabilities, Web Security DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest prot… Read more |
Threat Actors Pivot Around Microsoft’s Macro-Blocking in OfficeOn July 28, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Malware, Web Security Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwa… Read more |
IoT Botnets Fuel DDoS Attacks – Are You Prepared?On July 26, 2022Source: Web Security – ThreatpostBy Sponsored ContentCategories: Sponsored, Vulnerabilities, Web Security, indusface The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies… Read more |
Magecart Serves Up Card Skimmers on Restaurant-Ordering SystemsOn July 20, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Malware, Web Security 300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against Menu… Read more |
Authentication Risks Discovered in Okta PlatformOn July 19, 2022Source: Web Security – ThreatpostBy Nate NelsonCategories: Privacy, Web Security Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational… Read more |
Beeping Computer
https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: XML_ERR_NAME_REQUIRED at line 1, column 5377 |
Motherboard
Scientists Claim AI Breakthrough to Generate Boundless Clean Fusion EnergyOn February 21, 2024Source: VICE US - MotherboardBy Mirjam GuesgenCategories: Science, nuclear fusion, AI, Abstract Princeton researchers report that a new AI model has solved one of the major roadblocks to generatin… Read more |
How Starship Troopers’ Psychic Subplot Explains Its Divisive MessageOn February 20, 2024Source: VICE US - MotherboardBy Jordan PearsonCategories: Opinion, starship troopers, helldivers 2, Paul Verhoeven The internet is warring over Paul Verhoeven’s subversive 1997 sci-fi blockbuster, and one puzzling e… Read more |
First Prison Photo of Sam Bankman-Fried Emerges: Bearded, Thin, and ‘Weird as Shit’On February 20, 2024Source: VICE US - MotherboardBy Maxwell StrachanCategories: S.B.F., sam bankman-fried, ftx, alameda research, crypto Independent crypto journalist Tiffany Fong obtained the photo of the former FTX CEO from a former in… Read more |
X Suspends, Then Reinstates, Alexei Navalny’s Widow After Pledge to Continue Anti-Putin Politician’s WorkOn February 20, 2024Source: VICE US - MotherboardBy Jordan PearsonCategories: Tech news, Navalny, X, Twitter, Musk, Putin, Alexei Navalny, Yulia Navalnaya Yulia Navalnaya pledged to continue her late husband’s work to unseat Vladimir Putin in videos share… Read more |
Life in a ‘Death Trap’: How Tenants Rose Up Against a Federally Funded Mega-LandlordOn February 20, 2024Source: VICE US - MotherboardBy Roshan AbrahamCategories: housing, HUD, apartments, rentals, section 8 Years of living with rats, snakes, and rotted floorboards has led a group of tenants across the coun… Read more |
Data Breeches
Too Speculative’: US Judge Throws Out Data Breach Suit Against Ally FinancialOn March 27, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Exposure, Financial Sector, U.S. Jane Wester reports: U.S. District Judge Nelson Román of the Southern District of New York on Monday… Read more |
Utah Enacts Amendments to State Breach Notification LawOn March 27, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Breach Laws, Legislation, Of Note, State/Local, U.S. Hunton Andrews Kurth writes: On March 19, 2024, Utah’s Governor Spencer J. Cox signed Senate Bill (S… Read more |
System Status NoteOn March 26, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Uncategorized The RSS feed should be working again for those who are already subscribed to it or would like to sub… Read more |
Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical InfrastructureOn March 26, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Federal, Hack, Legislation, Of Note, U.S., APT 31, critical infrastructure, OFAC WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctio… Read more |
Major credit bureau slapped with enforcement notice for data breach in South AfricaOn March 26, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Business Sector, Hack, Non-U.S. Jan Vermeulen reports: The Information Regulator has slapped credit bureau TransUnion with an enforc… Read more |
System Status NoteOn March 23, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Uncategorized On March 8, DataBreaches experienced a massive DDoS attack. At the time, I thought all posts had bee… Read more |
Commonwealth Healthcare Corporation breached, patient data involvedOn March 23, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Blog, Hack, Health Data, HIPAA, U.S. A new leaksite appeared this past week that appears to have been created for one particular incident… Read more |
OK: Emergency Medical Services Authority notifies patients of hacking incidentOn March 23, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Hack, Health Data, U.S. Terré Gables of KFOR reports: Emergency Medical Services Authority (“EMSA”) says, it has identified… Read more |
American Renal Associates patients affected by ransomware attackOn March 22, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Health Data, Malware, U.S., American Renal Associates, Innovative Renal Care, ransomware Marco A. De Felice reports: The American Renal Associates (now known as Innovative Renal Care), with… Read more |
Nissan Oceania Data Breach Impacts 100,000 Individuals in Australia and New ZealandOn March 22, 2024Source: DataBreaches.netBy Dissent Doe PHDCategories: Business Sector, Malware, Non-U.S. Alicia Hope reports: Nissan Oceania is notifying 100,000 individuals that the December 2023 data bre… Read more |
Cyberscoop
CISA releases draft rule for cyber incident reportingOn March 27, 2024Source: CyberScoopBy Christian VasquezCategories: Government, Policy, critical infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), incident reporting, Jen Easterly The proposal describes when critical infrastructure organizations will be required to report cyberse… Read more |
Treasury report calls out cyber risks to financial sector fueled by AIOn March 27, 2024Source: CyberScoopBy mbrackenCategories: AI, Cybersecurity, Artificial Intelligence (AI), National Institute of Standards and Technology (NIST), Treasury Department The new report sounds the alarm on AI-specific cyber risks while highlighting best practices to comb… Read more |
Spyware and zero-day exploits increasingly go hand-in-hand, researchers findOn March 27, 2024Source: CyberScoopBy eliasgrollCategories: Cybersecurity, Privacy, Technology, Google, Mandiant, spyware, vulnerabilities Researchers found 97 zero-days exploited in the wild in 2023; nearly two thirds of mobile and browse… Read more |
Chinese hackers target family members to surveil hard targetsOn March 26, 2024Source: CyberScoopBy eliasgrollCategories: Cybersecurity, Geopolitics, APT31, China, Department of Justice (DOJ), hacking, Ministry of State Security, surveillance To surveil security conscious politicians and dissidents, hackers linked to Beijing are increasingly… Read more |
US and UK accuse China of cyber operations targeting domestic politicsOn March 25, 2024Source: CyberScoopBy AJ VicensCategories: Geopolitics, China, Treasury Department, sanctions, APT31, Department of Justice (DOJ), cyber espionage, Ministry of State Security Officials in Washington and London say hackers backed by the Chinese state sought to silence disside… Read more |
US must establish independent military cyber service to fix ‘alarming’ problems — reportOn March 25, 2024Source: CyberScoopBy Billy MitchellCategories: Government, Uncategorized A new report from the Foundation for Defense of Democracies aims to make the case for the creation o… Read more |
Top Democrat proposes minimum cybersecurity standards in wake of Change Healthcare attackOn March 22, 2024Source: CyberScoopBy AJ VicensCategories: Government, Ransomware, Change Healthcare, Ron Wyden, Sen. Mark Warner, UnitedHealth Group The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such pro… Read more |
German political party targeted by SVR-linked group in spearphishing campaign, Mandiant saysOn March 22, 2024Source: CyberScoopBy djohnsonCategories: Geopolitics, Government, malware, Russia, Cozy Bear, germany, spearphishing, Mandiant, SVR The group may have been seeking insights on shifting European sentiments on Ukraine, threat analysts… Read more |
House-passed data privacy bill doesn’t thrill privacy groupsOn March 21, 2024Source: CyberScoopBy Tim StarksCategories: Government, Privacy, Center for Democracy & Technology, Privacy legislation, privacy law, TikTok, data brokers, Executive order, House Energy and Commerce Committee, China, Congress, Russia, Section 702, privacy A measure to address the sale of Americans’ data doesn’t go far enough to rein in the data broker in… Read more |
Russian military intelligence may have deployed wiper against multiple Ukrainian ISPsOn March 21, 2024Source: CyberScoopBy AJ VicensCategories: Geopolitics, AcidPour, AcidRain, Russia, Ukraine, wiper malware A group known as Solntsepek claimed credit for attacks on the ISPs Triacom, Misto TV, Linktelecom an… Read more |
Krebs On Security
The Hacker News
Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPsOn March 28, 2024Source: The Hacker NewsByIn June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) stude… Read more In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza.
"Whereas people say they care about privacy, they are willing to relinquish private data quite easily when |
Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force InviteOn March 27, 2024Source: The Hacker NewsByIndian government entities and energy companies have been targeted by unknown threat actors with an… Read more Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2).
"The information stealer was delivered via a phishing email, masquerading as an invitation letter |
CISA Warns: Hackers Actively Attacking Microsoft SharePoint VulnerabilityOn March 27, 2024Source: The Hacker NewsByThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw… Read more The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site |
Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious ExtensionsOn March 27, 2024Source: The Hacker NewsByA now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbi… Read more A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions.
"This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio |
SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report RevealsOn March 27, 2024Source: The Hacker NewsByAs SaaS applications dominate the business landscape, organizations need optimized network speed and… Read more As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance.
However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" ( |
Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency MiningOn March 27, 2024Source: The Hacker NewsByCybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and un… Read more Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining.
"This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi |
Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment NoticeOn March 27, 2024Source: The Hacker NewsByA new phishing campaign has been observed leveraging a novel loader malware to deliver an informatio… Read more A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla.
Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment.
The archive ("Bank Handlowy w Warszawie |
Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN CountriesOn March 27, 2024Source: The Hacker NewsByTwo China-linked advanced persistent threat (APT) groups have been observed targeting entities and m… Read more Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months.
This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as |
Sketchy NuGet Package Likely Linked to Industrial Espionage Targets DevelopersOn March 26, 2024Source: The Hacker NewsByThreat hunters have identified a suspicious package in the NuGet package manager that's li… Read more Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing.
The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded |
U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage OperationOn March 26, 2024Source: The Hacker NewsByThe U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals… Read more The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years.
The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), and Zhao Guangzong ( |